Does it make sense to have this architecture where users connect to https://a.com then HAProxy does TCP redirection to one of the servers defined in the cluster, then once that server gets the data (NGINX) it will decrypt the SSL and then pass the request on to an application server (COldFusion) on another machine. So basically the data is going through 3 machines , HaProxy,NGIX and Finally CF.

I believe you can decrypt at the HAProxy level as well, removing the need for nginx. If HAProxy is seeing a lot of traffic, I suppose you may not want the extra burden of handling SSL, however having three machines just seems like one more than is necessary.

Hmm I thought so. The site is expected to get a lot of traffic which is why i want to remove SSL processesing from HAProxy. If NGIX was decrypting the SSL and CF was kicking in and processing the request would that be better? With just 2 servers? So HaProxy --> (NGIX & CF)
–
Faisal AbidOct 16 '10 at 20:09